Your Password Manager May Not Be As Secure As You Thought Cryptography researchers have found ways to access data from a number of password managers, but it might not be time to switch just yet.

I had fun learning about potential security vulnerabilities in cloud-based password managers last week. Thanks to @kennyog.bsky.social and @lujobauer.bsky.social for their insights:

www.iflscience.com/your-passwor...

My student Jenny Tang (coadvised with @lujobauer.bsky.social) is making friends at SOUPS with our paper on looking at 10 years of SOUPS papers and reviewing how solid the stats were. Basically: not great, not great at all. (And that includes my own work.)
Paper: www.andrew.cmu.edu/user/nicolas...

Measuring Risks to Users' Health Privacy Posed by Third-Party Web Tracking and Targeted Advertising | Proceedings of the 2025 CHI Conference on Human Factors in Computing Systems

Great job, Anna and Eric! Anna presented our work demonstrating the inconsistency of LLM responses and how attackers might take advantage (doi.org/10.1145/3706...); and Eric investigating health-related online tracking (doi.org/10.1145/3706...) @abfriedman.com

CRA Undergraduate Research Faculty Mentoring Award - CRA Education This award recognizes individual faculty members who have provided exceptional mentorship, undergraduate research experiences, and, in parallel, guidance on admission and matriculation of these studen...

My long-time collaborator from back when he was a PhD student at CMU/S3D (in @scsatcmu.bsky.social ), Blase Ur, now a CS Prof. at U. Chicago won a particularly cool award: cra.org/crae/awards/...

Carnegie Bosch Institute A world-class academic and industry collaboration for more than 30 years, CBI is a unique alliance between Carnegie Mellon University and Bosch. Activities at CMU include hosting the prestigious Carn...

Interested in a postdoc at CMU in AI, cybersecurity, robotics, or sustainability? Consider applying for a Carnegie Bosch Fellowship by Jan 31! carnegiebosch.cmu.edu

USENIX Security '25 Call for Papers

Please consider sending your awesome computer security & privacy papers to
USENIX Security
'25! The cycle 2 deadline is Jan 22 AoE. Remember that writing about research ethics and open science (sharing datasets, code, scripts, etc.) is required! usenix.org/conference/u...
@gianko.bsky.social

Carnegie Bosch Institute A world-class academic and industry collaboration for more than 30 years, CBI is a unique alliance between Carnegie Mellon University and Bosch. Activities at CMU include hosting the prestigious Carn...

Are you looking for a postdoc related to security and privacy or AI? Consider applying for a Carnegie Bosch Institute fellowship to work with us at CMU! carnegiebosch.cmu.edu cmu.infoready4.com#competitionD...

Hiring $pageDescription

CMU is hiring tenure-track faculty who'd like to do fun and exciting research in computer security and privacy. Please consider applying! www.cylab.cmu.edu/about/hiring...